Our website use cookies to improve and personalise your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense, Google Analytics, Youtube. By using the website, you consent to the use of cookies.

azure

Azure Availability Zones, a high-availability solution for mission-critical applications, is now generally available in UK South. Availability Zones are physically separate locations within an Azure region. Each Availability Zone consists of one or more datacenters equipped with independent power, cooling, and networking. With the introduction of Availability Zones, Microsoft now offer a service-level agreement (SLA) of 99.99% for uptime of virtual machines.

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall is currently a managed public preview that you need to explicitly enable using the Register-AzureRmProviderFeature PowerShell command. You can centrally create, enforce, and log application and network connectivity policies across subscriptions and virtual networks. Azure Firewall uses a static public IP address for your virtual network resources allowing outside firewalls to identify traffic originating from your virtual network. The service is fully integrated with Azure Monitor for…

Microsoft are pleased to announce two new Virtual Machine (VM) sizes, E64i_v3 and E64is_v3, which are isolated to hardware and dedicated to a single customer. These VMs are best suited for workloads that require a high degree of isolation from other customers for compliance and regulatory requirements. You can also choose to further subdivide the resources by using Azure support for nested VMs. The E64i_v3 and E64is_v3 will have the exact same performance and pricing structure as their cousins E64_v3 and E64s_v3. These size additions will be available in each of the regions where E64_v3 and E64s_v3 are available today. The…

Today, Microsoft announced the support for backup of large disk VMs and set of improvements aimed at reducing the time taken for backup and restore. These set of improvements and large disk support is based on a new VM backup stack and are available for both managed and unmanaged disks. You can seamlessly upgrade to this new stack without any impact to your on-going backup jobs and there is no change to how you setup backup or restore. This announcement combines multiple feature improvements: Large disk support – Now you can backup VMs with disk sizes up to 4TB(4095GB), both managed and unmanaged.…

Azure Security Center provides several threat prevention mechanisms to help you reduce surface areas susceptible to attack. One of those mechanisms is Just-in-Time (JIT) VM Access. Today Microsoft announced the general availability of Just-in-Time VM Access, which reduces your exposure to network volumetric attacks by enabling you to deny persistent access while providing controlled access to VMs when needed. When you enable JIT for your VMs, you can create a policy that determines the ports to be protected, how long ports remain open, and approved IP addresses from where these ports can be accessed. The policy helps you stay in…

Today Microsoft announced that you can now enable nested virtualisation using the Dv3 and Ev3 VM sizes. Microsoft will continue to expand support to more VM sizes in the coming months. For software and hardware prerequisites, configuration steps and limitations for nested virtualisation please see the document here. In this blog Microsoft discuss a couple of interesting use cases and provide a short video demo for enabling a nested VM. Now not only you can create a Hyper-V container with Docker (see instructions here), but also by running nested virtualisation, you can create a VM inside a VM. Such nested environment provides…

Microsoft this week announced the public preview of disaster recovery for Azure IaaS virtual machines (VMs) using Azure Site Recovery (ASR). You can now easily replicate and protect IaaS based applications running on Azure to a different Azure region of your choice within a geographical cluster without deploying any additional infrastructure components or software appliances in your subscription. This new capability, along with Azure Backup for IaaS virtual machines, allows you to create a comprehensive business continuity and disaster recovery strategy for all your IaaS based applications running on Azure. As you move production applications to the cloud, Azure natively…

I’ve seen many posts on forums asking for more detail on the temporary disks assigned to Azure IaaS Windows and Linux VMs so here is a quick post explaining what they are. When you create a VM either in the portal or command line utilities (i.e. PowerShell) you automatically receive an additional drive or mount point which is available for you to use at no additional cost for storage or transactions. The primarily use case is to provide faster storage (IOPS and Latency) but although this sounds great it isn’t to be used for any data that you wish to…

Have you ever wondered what this IP address is? Well 168.63.129.16 is a virtual public IP address that is used to facilitate a communication channel to internal platform resources for the bring-your-own IP Virtual Network scenario. Because the Azure platform allow customers to define any private or customer address space, this resource must be a unique public IP address. It cannot be a private IP address as the address cannot be a duplicate of address space the customer defines. This virtual public IP address facilitates the following things: Enables the VM Agent to communicating with the platform to signal it…

As we all know in this day and age our workloads are more likely to migrate to the cloud which I'm sure you all know has it's benefits and it's inherent downsides. One discussion point on everyone's mind is always security (so it should be), just how secure is the cloud. One thing to bear in mind is that your time and approach to defining security principles should be no different to that of on-premises. Having worked with Azure for a number years I just wanted to share some pertinent information around the security model specifically with Azure. The following…